CVE-2021-20733

Name of the Vulnerable Software and Affected Versions: あすけんダイエット (asken diet) versions 3.0.0 through 4.2.x

Description: The issue is related to improper authorization in the handler for a custom URL scheme, allowing a remote attacker to lead a user to access an arbitrary website via the vulnerable app. This could potentially be exploited to redirect users to malicious sites.

Recommendations: For versions 3.0.0 through 4.2.x, consider restricting access to custom URL schemes to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using the vulnerable app for sensitive operations that could be compromised by unauthorized redirects. At the moment, there is no information about a newer version that contains a fix for this vulnerability.